The Lloyd’s Market Association (LMA) has published a report outlining a framework to help insurers within the Lloyd’s market better manage their exposure to lesser-known systemic cyber risks.
The report, called Scoping out systemic cyber risk, focuses on developing a structured approach to assess the aggregation potential of emerging cyber scenarios, which the industry refers to as "other cyber" risks.
According to Chris Mather, senior executive for technical underwriting at the LMA, the framework provides a method for evaluating scenarios that differ from well-modelled systemic risks, such as widespread ransomware attacks or cloud service provider failures.
The report examines two specific "other cyber" scenarios: a cyberattack targeting electronic healthcare record systems and an attack on electronic chart display and information systems used in the maritime sector. By applying the proposed framework, the LMA’s cyber risk strategy group provides a detailed analysis of these scenarios, highlighting their potential for aggregation and disruption within their respective industries.
Kelly Malynn, underwriting product leader for cyber physical damage M.A.P at Beazley and chair of the LMA’s cyber risk strategy group, said the framework’s is “very timely” and will be valuable to the market.
“One of the standout features of our report is its focus on the aggregation potential of cyber risks – particularly these lesser-known ‘other cyber’ scenarios,” she said. “The interconnectedness of modern systems means that a single point of technological commonality can lead to widespread disruptions, underscoring the necessity for advanced risk modelling and comprehensive scenario planning to facilitate informed underwriting.”
Chris Mather, senior executive, technical underwriting at the LMA, highlighted the importance of collaboration to better understand these emerging cyber risks.
“The detailed examples provided in this report in the healthcare and maritime sectors, offer valuable insights into how such scenarios can unfold across specific industries with common nodes of aggregation,” Mather commented. “By working together to enhance our understanding of cyber threats, strengthen our resilience to cyberattacks and develop innovative risk management solutions, we can mitigate the potential for catastrophic disruptions.”